12051 2006-12-31 16:31:26 -0800 Crash in WebCore::HTMLSliderThumbElement::inDragMode 2007-01-01 15:58:05 -0800 1 1 1 Unclassified WebKit New Bugs 420+ Mac OS X 10.4 RESOLVED DUPLICATE 12045 P2 Major --- 1 mrowe webkit-unassigned oldest_to_newest 38679 0 mrowe 2006-12-31 16:31:26 -0800 <html> <head> <title>Test HTML Page</title> <meta http-equiv="refresh" content="1"> <style type="text/css"> body { font: -webkit-small-control; } font { -webkit-appearance: sliderthumb-horizontal; } </style> </head> <body> <font>font</font> </body> </html> Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_PROTECTION_FAILURE at address: 0x0000007c 0x015c9c39 in WebCore::HTMLSliderThumbElement::inDragMode (this=0x0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderSlider.cpp:54 54 bool inDragMode() const { return m_inDragMode; } (gdb) bt #0 0x015c9c39 in WebCore::HTMLSliderThumbElement::inDragMode (this=0x0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderSlider.cpp:54 #1 0x013a4292 in WebCore::RenderSlider::inDragMode (this=0x170608ec) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderSlider.cpp:385 #2 0x0119a0c2 in WebCore::RenderThemeMac::paintSliderThumb (this=0x1640fe0, o=0x1705ff6c, paintInfo=@0xbfffca28, r=@0xbfffc8e0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderThemeMac.mm:1028 #3 0x0119c61b in WebCore::RenderTheme::paint (this=0x1640fe0, o=0x1705ff6c, paintInfo=@0xbfffca28, r=@0xbfffc8e0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderTheme.cpp:125 #4 0x0115f141 in WebCore::RenderBox::paintBoxDecorations (this=0x1705ff6c, paintInfo=@0xbfffca28, tx=8, ty=8) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderBox.cpp:365 #5 0x011591df in WebCore::RenderBlock::paintObject (this=0x1705ff6c, paintInfo=@0xbfffca28, tx=8, ty=8) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderBlock.cpp:1351 #6 0x01151e89 in WebCore::RenderBlock::paint (this=0x1705ff6c, paintInfo=@0xbfffca28, tx=8, ty=8) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderBlock.cpp:1285 #7 0x0129aa69 in WebCore::InlineBox::paint (this=0x1707004c, paintInfo=@0xbfffca9c, tx=8, ty=8) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/InlineBox.cpp:139 #8 0x0129a5cb in WebCore::InlineFlowBox::paint (this=0x1707008c, paintInfo=@0xbfffcb90, tx=8, ty=8) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/InlineFlowBox.cpp:583 #9 0x0129b56f in WebCore::RootInlineBox::paint (this=0x1707008c, paintInfo=@0xbfffcb90, tx=8, ty=8) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RootInlineBox.cpp:136 #10 0x01174313 in WebCore::RenderFlow::paintLines (this=0x170608ec, paintInfo=@0xbfffcd40, tx=8, ty=8) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderFlow.cpp:395 #11 0x0115925e in WebCore::RenderBlock::paintObject (this=0x170608ec, paintInfo=@0xbfffcd40, tx=8, ty=8) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderBlock.cpp:1367 #12 0x01151e89 in WebCore::RenderBlock::paint (this=0x170608ec, paintInfo=@0xbfffcd40, tx=8, ty=8) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderBlock.cpp:1285 #13 0x011521bf in WebCore::RenderBlock::paintChildren (this=0x17062ddc, paintInfo=@0xbfffce94, tx=0, ty=0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderBlock.cpp:1315 #14 0x01159280 in WebCore::RenderBlock::paintObject (this=0x17062ddc, paintInfo=@0xbfffce94, tx=0, ty=0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderBlock.cpp:1369 #15 0x01151e89 in WebCore::RenderBlock::paint (this=0x17062ddc, paintInfo=@0xbfffce94, tx=0, ty=0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderBlock.cpp:1285 #16 0x01180a38 in WebCore::RenderLayer::paintLayer (this=0x17062e8c, rootLayer=0x1704798c, p=0xbfffd0c4, paintDirtyRect=@0xbfffd0cc, haveTransparency=false, paintRestriction=WebCore::PaintRestrictionNone, paintingRoot=0x0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderLayer.cpp:1438 #17 0x01180bfc in WebCore::RenderLayer::paintLayer (this=0x1704798c, rootLayer=0x1704798c, p=0xbfffd0c4, paintDirtyRect=@0xbfffd0cc, haveTransparency=false, paintRestriction=WebCore::PaintRestrictionNone, paintingRoot=0x0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderLayer.cpp:1463 #18 0x01180cc4 in WebCore::RenderLayer::paint (this=0x1704798c, p=0xbfffd0c4, damageRect=@0xbfffd0cc, paintRestriction=WebCore::PaintRestrictionNone, paintingRoot=0x0) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/rendering/RenderLayer.cpp:1330 #19 0x010dfc7b in WebCore::Frame::paint (this=0x29650d0, p=0xbfffd0c4, rect=@0xbfffd0cc) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/page/Frame.cpp:1041 #20 0x01100429 in -[WebCoreFrameBridge drawRect:] (self=0x2964c50, _cmd=0x90aa2b6c, rect={origin = {x = 0, y = 0}, size = {width = 1415, height = 761}}) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebCore/page/mac/WebCoreFrameBridge.mm:480 #21 0x00341fbf in -[WebHTMLView drawSingleRect:] (self=0x17037d00, _cmd=0x3c3308, rect={origin = {x = 0, y = 0}, size = {width = 1415, height = 761}}) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebKit/WebView/WebHTMLView.m:2678 #22 0x00342395 in -[WebHTMLView drawRect:] (self=0x17037d00, _cmd=0x90aa2b6c, rect={origin = {x = 0, y = 0}, size = {width = 1415, height = 761}}) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebKit/WebView/WebHTMLView.m:2729 #23 0x932ee3b1 in -[NSView _drawRect:clip:] () #24 0x932ed40b in -[NSView _recursiveDisplayAllDirtyWithLockFocus:visRect:] () #25 0x0033bd2f in -[WebHTMLView(WebPrivate) _recursiveDisplayAllDirtyWithLockFocus:visRect:] (self=0x17037d00, _cmd=0x90a83574, needsLockFocus=1 '\001', visRect={origin = {x = 0, y = 0}, size = {width = 1415, height = 761}}) at /Users/mrowe/Documents/Source/SVN/WebKit-Nightlies/WebKit/WebView/WebHTMLView.m:893 #26 0x932ff36f in _recursiveDisplayInRect2 () #27 0x9083af26 in CFArrayApplyFunction () #28 0x932ed613 in -[NSView _recursiveDisplayAllDirtyWithLockFocus:visRect:] () #29 0x932ff36f in _recursiveDisplayInRect2 () #30 0x9083af26 in CFArrayApplyFunction () #31 0x932ed613 in -[NSView _recursiveDisplayAllDirtyWithLockFocus:visRect:] () #32 0x932ec473 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #33 0x932ed041 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #34 0x932ed041 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #35 0x932ed041 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #36 0x932ed041 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #37 0x932ed041 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #38 0x932ebb78 in -[NSThemeFrame _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #39 0x932eb362 in -[NSView _displayRectIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:] () #40 0x932eac8e in -[NSView displayIfNeeded] () #41 0x932eaa32 in -[NSWindow displayIfNeeded] () #42 0x0001c394 in ?? () #43 0x9333ad6c in _handleWindowNeedsDisplay () #44 0x9082a155 in __CFRunLoopDoObservers () #45 0x908291f7 in CFRunLoopRunSpecific () #46 0x90828eb5 in CFRunLoopRunInMode () #47 0x92dcdb90 in RunCurrentEventLoopInMode () #48 0x92dcd297 in ReceiveNextEventCommon () #49 0x92dcd0ee in BlockUntilNextEventMatchingListInMode () #50 0x9326f465 in _DPSNextEvent () #51 0x9326f056 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] () #52 0x00006f96 in ?? () #53 0x93268ddb in -[NSApplication run] () #54 0x9325cd2f in NSApplicationMain () #55 0x0005f7de in ?? () #56 0x0005f6f9 in ?? () (gdb) 38644 1 mrowe 2006-12-31 16:33:32 -0800 The backtrace on this is very similar to that on bug 12045 -- it looks like they may be the same issue. 38440 2 mrowe 2007-01-01 15:58:05 -0800 *** This bug has been marked as a duplicate of 12045 ***